create table if not exists activity_log (
  id uuid default gen_random_uuid() primary key,
  created_at timestamptz default now(),
  actor_id uuid references profiles(id) on delete set null,
  actor_name text,
  action text not null,
  task_id uuid references tasks(id) on delete cascade,
  task_title text,
  project_id uuid references projects(id) on delete cascade,
  project_name text
);

alter table activity_log enable row level security;

create policy "authenticated read activity_log"
  on activity_log for select
  using (auth.role() = 'authenticated');

create policy "authenticated insert activity_log"
  on activity_log for insert
  with check (auth.role() = 'authenticated');